User-Driven Access Control: Rethinking Permission ... - CiteSeerX

Extrait du fichier (au format texte) :

User-Driven Access Control:
Rethinking Permission Granting in Modern Operating Systems
Franziska Roesner, Tadayoshi Kohno
{franzi, yoshi}@cs.washington.edu
University of Washington

Alexander Moshchuk, Bryan Parno, Helen J. Wang
{alexmos, parno, helenw}@microsoft.com
Microsoft Research, Redmond

Crispin Cowan crispin@microsoft.com
Microsoft
Abstract

tionality and security for access to the user s data and resources. From a functionality standpoint, isolation inhibits the client-side manipulation of user data across arbitrary applications. For example, the isolation of web sites makes it difficult to share photos between two online providers
(e.g., Picasa and Flickr) without manually downloading and re-uploading them. (While two such applications can prenegotiate data exchanges through IPC channels or other APIs,
requiring every pair of applications used by a user to prenegotiate is inefficient or impossible.) From a security standpoint, existing access control mechanisms tend to be coarsegrained, abrasive, or inadequate. For instance, they require users to make out-of-context, uninformed decisions at install time via manifests [3, 6], or they unintelligently prompt users to determine their intent [5, 20].
Thus, a pressing open problem in these systems is how to allow users to grant applications access to user-owned resources spanning different isolation boundaries, defined as privacy-and cost-sensitive devices and sensors (such as the camera, GPS, or SMS capabilities), system services and settings (such as the contact list or clipboard), and user content stored with various applications (such as photos or documents). To address this problem, we propose user-driven access control, whereby the system captures user intent via authentic user actions in the context of applications.
In particular, we introduce access control gadgets (ACGs)
as an operating system technique to capture user intent. Each user-owned resource exposes UI elements called ACGs for applications to embed. The user s authentic UI interactions with an ACG grant the embedding application permission to access the corresponding resource. Our design ensures the display integrity of ACGs, resists tampering by malicious applications, and allows the system to translate authentic user input on the ACGs into permissions.
The ACG mechanism enables a permission granting system that minimizes unintended access by letting users grant permissions at the time of use (unlike the manifest model)
and minimizes the burden on users by implicitly extracting a

Modern client platforms, such as iOS, Android, Windows
Phone, Windows 8, and web browsers, run each application in an isolated environment with limited privileges. A pressing open problem in such systems is how to allow users to grant applications access to user-owned resources, e.g., to privacyand cost-sensitive devices like the camera or to user data residing in other applications. A key challenge is to enable such access in a way that is non-disruptive to users while still maintaining least-privilege restrictions on applications.
In this paper, we take the approach of user-driven access control, whereby permission granting is built into existing

Les promotions



Entanglement and Rigidity in Percolation Models ... - Alexander Holroyd
Entanglement and Rigidity in Percolation Models ... - Alexander Holroyd
22/05/2017 - www.microsoft.com
¬ ''&'''''' '&'!' &'' &''&''''''' ' ' ''''''''''''"' ''#' '$'%&''&&'''*')'+'!',''-''''.')'+' '/ ')'0''1&''!''2 ''3 '4'6'5'8'7''9';':'=''¬ß'H'¬ź'¬£'¬Ć'X'¬© '¬í''¬ď'¬Ē'¬ć','¬ĺ'K'¬Ź'¬Ď'¬ź'¬£'¬Ć'¬č'¬ď'¬Ē!¬í'8'¬í''¬ä''¬Ć''¬ä''¬õ'¬ě'¬í''¬ź'¬£'¬Ć'¬ě'¬ä'¬≠'¬ä',!¬í'8'¬í''¬ź'¬£!¬í'H'¬•&`'¬Ź'¬ú'¬ä',!¬Ē''¬ä',!¬í'8'¬í''¬ź'¬£!¬í'H'¬ô&'¬Ć'¬ě'¬ď'¬Ē'¬•&`'¬ď'¬ú'¬ô'H'¬ď'¬ú'¬í'¬ł'¬®'¬£'¬≤'¬č'¬¨''¬é'@'¬é&`'¬õ'¬ě'¬ä','¬Ź'¬ú'¬®$i'¬õ'¬ě'¬ß'V'¬ä','¬ź'¬£'¬ģ

D6. 4: Final evaluation of CLASSiC TownInfo and ... - Microsoft
D6. 4: Final evaluation of CLASSiC TownInfo and ... - Microsoft
23/11/2017 - www.microsoft.com
See discussions, stats, and author profiles for this publication at: https://www.researchgate.net/publication/228835240 D6. 4: Final evaluation of CLASSiC TownInfo and Appointment Scheduling systems Article · May 2011 CITATIONS READS 15 56 11 authors, including: Helen Hastie Filip Jurcicek Heriot-Watt University Charles University in Prague 105 PUBLICATIONS 858 CITATIONS 55 PUBLICATIONS 439 CITATIONS SEE PROFILE SEE PROFILE Oliver Joseph Lemon Steve Young Heriot-Watt University Univer

MatrixExplorer: Un système pour l'analyse exploratoire de ... - Microsoft
MatrixExplorer: Un système pour l'analyse exploratoire de ... - Microsoft
22/05/2017 - www.microsoft.com
MatrixExplorer: Un syst√®me pour l analyse exploratoire de r√©seaux sociaux Nathalie Henry Jean-Daniel Fekete INRIA Futurs/LRI/University of Sydney B√Ęt 490, Universit√© Paris-Sud 91405 Orsay Cedex Nathalie.Henry@lri.fr INRIA Futurs/LRI B√Ęt 490, Universit√© Paris-Sud 91405 Orsay Cedex Jean-Daniel.Fekete@inria.fr RESUME ABSTRACT Dans cet article, nous pr√©sentons le syst√®me MatrixExplorer destin√© √ explorer des r√©seaux sociaux. Il a √©t√© con√ßu pour des chercheurs en sciences sociales  soc

Architectures reconfigurables et traitement de proble`mes ... - Microsoft
Architectures reconfigurables et traitement de proble`mes ... - Microsoft
16/11/2016 - www.microsoft.com
RECHERCHE Architectures reconfigurables et traitement de proble`mes NP-difficiles : un nouveau domaine d application Youssef Hamadi ¬  David Merceron ¬ '¬ ' LIRMM, UMR 5506 CNRS/Universite¬ī Montpellier II 161, Rue Ada, 34392 Montpellier Cedex 5 hamadi@lirmm.fr ''' EURIWARE, 12-14 rue du fort de St-Cyr 78067 St Quentin-en-Yvelines Cedex damercer@euriware.fr RE¬īSUME¬ī. L algorithme GSAT est un algorithme de recherche locale. Cette me¬īthode recherche la premie`re instanciation satisfaisa

DSCOVR: Randomized Primal-Dual Block Coordinate ... - Microsoft
DSCOVR: Randomized Primal-Dual Block Coordinate ... - Microsoft
23/08/2018 - www.microsoft.com
DSCOVR: Randomized Primal-Dual Block Coordinate Algorithms for Asynchronous Distributed Optimization lin.xiao@microsoft.com Lin Xiao Microsoft Research AI Redmond, WA 98052, USA weiyu@cs.cmu.edu Adams Wei Yu Machine Learning Department, Carnegie Mellon University Pittsburgh, PA 15213, USA qihang-lin@uiowa.edu Qihang Lin Tippie College of Business, The University of Iowa Iowa City, IA 52245, USA wzchen@microsoft.com Weizhu Chen Microsoft AI and Research Redmond, WA 98052, USA October 13, 2017 Abs

Vers une approche simplifiée pour introduire le caractère ... - Microsoft
Vers une approche simplifiée pour introduire le caractère ... - Microsoft
23/11/2017 - www.microsoft.com
See discussions, stats, and author profiles for this publication at: https://www.researchgate.net/publication/262881208 Vers une approche simplifiée pour introduire le caractère incrémental dans les systèmes de dialogue Conference Paper · July 2014 CITATION READS 1 26 3 authors, including: Hatim Khouzaimi Romain Laroche Orange Labs / Laboratoire Informatique d'Avi & Microsoft Maluuba 12 PUBLICATIONS 42 CITATIONS 58 PUBLICATIONS 185 CITATIONS SEE PROFILE All content following this

A Large-Scale Study of the Evolution of Web Pages - Microsoft
A Large-Scale Study of the Evolution of Web Pages - Microsoft
23/08/2018 - www.microsoft.com
A Large-Scale Study of the Evolution of Web Pages Dennis Fetterly Hewlett Packard Labs 1501 Page Mill Road Palo Alto, CA 94304 dennis.fetterly@hp.com Mark Manasse Marc Najork Microsoft Research Microsoft Research 1065 La Avenida 1065 La Avenida Mountain View, CA 94043 Mountain View, CA 94043 manasse@microsoft.com najork@microsoft.com Janet Wiener Hewlett Packard Labs 1501 Page Mill Road Palo Alto, CA 94304 janet.wiener@hp.com ABSTRACT 1. INTRODUCTION How fast does the web change? Does most of th

User-Driven Access Control: Rethinking Permission ... - CiteSeerX
User-Driven Access Control: Rethinking Permission ... - CiteSeerX
23/08/2018 - www.microsoft.com
User-Driven Access Control: Rethinking Permission Granting in Modern Operating Systems Franziska Roesner, Tadayoshi Kohno {franzi, yoshi}@cs.washington.edu University of Washington Alexander Moshchuk, Bryan Parno, Helen J. Wang {alexmos, parno, helenw}@microsoft.com Microsoft Research, Redmond Crispin Cowan crispin@microsoft.com Microsoft Abstract tionality and security for access to the user s data and resources. From a functionality standpoint, isolation inhibits the client-side manipulation

290 3220 abcdefg x12 46
290 3220 abcdefg x12 46
20/03/2015 - docs.whirlpool.eu
WHIRLPOOL ADP7641 A A A A A A A 290 3220 ABCDEFG 2010/1059 X12 46

Logic Pro 8 Control Surfaces Support - Apple
Logic Pro 8 Control Surfaces Support - Apple
27/11/2014 - manuals.info.apple.com
Logic Pro 8 Control Surfaces Support √ł√Ņ Apple Inc. ¬© 2007 Apple Inc. All rights reserved. Under the copyright laws, this manual may not be copied, in whole or in part, without the written consent of Apple. Your rights to the software are governed by the accompanying software licence agreement. The Apple logo is a trademark of Apple Inc., registered in the U.S. and other countries. Use of the keyboard  Apple logo (Option-Shift-K) for commercial purposes without the prior written consent of

Tableau 5019 396 01718 ADP 6950
Tableau 5019 396 01718 ADP 6950
20/03/2015 - docs.whirlpool.eu
Tableau Guide de consultation rapide AVANT D UTILISER L APPAREIL POUR LA PREMI√ąRE FOIS, LISEZ ATTENTIVEMENT CE GUIDE DE CONSULTATION RAPIDE ET LES INSTRUCTIONS D INSTALLATION ! Description des options et de l afficheur TOUCHE MARCHE/ ARR√äT S√ČLECTEUR DE PROGRAMME Appuyez (plusieurs fois) sur la touche Programme , jusqu √ ce que le voyant du programme requis s allume (voir le Tableau des programmes  ci-dessous). TOUCHE R√ČINITIALISATION Pour modifier un programme ou annuler les indica

la lettre - Valeo
la lettre - Valeo
28/07/2017 - www.valeo.com
la lettre aux actionnaires avril 2014 Centre technique, Auburn Hills, √Čtats-Unis Chers actionnaires, Sommaire R√©sultats 2013 2 Croissance chiffre d affaires* + 10 % + 12 % + 13 % + 1 % T1 2013 T2 2013 T3 2013 T4 2013 * √ p√©rim√®tre et taux de change constants  roduits & P Innovations C arnet de l actionnaire 3 4 Les r√©sultats 2013 confirment l excellente dynamique de croissance du Groupe Valeo malgr√© un march√© automobile europ√©en qui est rest√© fragile. La croissance de V

Mode d'emploi
Mode d'emploi
13/11/2017 - www.delonghi.com
Quelques notions d humidité L  air contient toujours une certaine quantité d eau, sous forme de vapeur. Cela détermine le degré d humidité d une pièce. La capacité de l air de contenir de la vapeur d eau varie avec la température : plus la température est élevée, plus l air peut contenir d eau. Dans nos maisons, dès que la température baisse, la vapeur d eau contenue dans l air se transforme en condensation qui se dépose sur toutes les surfaces froides (vitres, murs, et

Centres de Cuisson ViCtoria - Smeg
Centres de Cuisson ViCtoria - Smeg
18/05/2016 - www.smeg.fr
design & technologie Centres de cuisson Victoria Centres de cuisson victoria une esthetique unique Ces centres de cuisson illustrent parfaitement les origines du style classique et intemporel. Une esthétique exclusive, une qualité exceptionnelle et un design sans faute sont les ingrédients qui rendent les produits de la gamme Victoria uniques, avec notamment comme signature le logo Smeg de la Gamme années 50  inscrit en toutes lettres sur son dosseret. Pour découvrir en images et encore